7208 matches found
CVE-2023-3545
Improper sanitisation in main/inc/lib/fileUpload.lib.php in Chamilo LMS = v1.11.20 on Windows and Apache installations allows unauthenticated attackers to bypass file upload security protections and obtain remote code execution via uploading of .htaccess file. This vulnerability may be exploited ...
CVE-2023-3533 Chamilo LMS Unauthenticated Remote Code Execution via Arbitrary File Write
Path traversal in file upload functionality in /main/webservices/additionalwebservices.php in Chamilo LMS = v1.11.20 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via arbitrary file write...
Cisco Identity Services Engine Arbitrary File Write Vulnerability
Cisco Identity Services Engine ISE is an environment-aware platform ISE Identity Services Engine from Cisco. The platform collects real-time information from the network, users and devices, and develops and enforces policies to regulate the network. An arbitrary file write vulnerability exists in...
AI ChatBot < 4.9.1 and 4.9.2 - Authenticated (Subscriber+) Directory Traversal to Arbitrary File Write via qcld_openai_upload_pagetraining_file
Description The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcldopenaiuploadpagetrainingfile function. This allows subscriber-level attackers to append "...
Tenable Nessus Arbitrary File Write Vulnerability (TNS-2023-39)
Tenable Nessus is prone to an arbitrary file write vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"...
Tenable Nessus Arbitrary File Write Vulnerability (TNS-2023-40)
Tenable Nessus is prone to an arbitrary file write vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"...
Cisco Identity Services Engine 安全漏洞
Cisco Identity Services Engine ISE is an environment-aware platform ISE Identity Services Engine from Cisco. The platform collects real-time information from the network, users and devices, and develops and enforces policies to regulate the network. An arbitrary file write vulnerability exists in...
CVE-2023-6062
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition...
CVE-2023-6178
An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition...
CVE-2023-6062
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition...
CVE-2023-6178
An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition...
Race condition
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition...
Race condition
An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition...
CVE-2023-6178
An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition...
CVE-2023-6178
Summary: CVE-2023-6178 is an arbitrary file write vulnerability affecting Tenable Nessus Agent upstream/remote agent when self-reported as pre-10.4.4. An authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remot...
CVE-2023-6062 Arbitrary File Write
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition...
CVE-2023-6062
CVE-2023-6062 affects Tenable Nessus. An authenticated, remote attacker with administrator privileges can modify Nessus Rules variables to write arbitrary files on the remote host, causing a denial-of-service condition. Public references (TNS-2023-39/40) describe Nessus versions affected and vend...
CVE-2023-6062 Arbitrary File Write
An arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition...
CVE-2023-43612 Hiview has an improper preservation of permissions vulnerability
in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write through improper preservation of permissions...
CVE-2023-43612 Hiview has an improper preservation of permissions vulnerability
in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write through improper preservation of permissions...